
Cyber Network Defense

Sophisticated cyber threats and stealthy assaults perpetrated by attackers today exploit the immaturity and fractured nature of the security solutions currently in use by many organisations. DarkMatter’s Cyber Network Defence division provides sophisticated active Cyber Threat Hunting and Incident Readiness and Response services tailored to each client’s unique needs.

Threat Hunting and Assessment

Our elite, highly trained and experienced teams of engineers, mathematicians, software experts, digital defenders and hackers bring a Special Forces-like capability to our assessment and testing operations. Through a holistic and comprehensive approach, we deliver a full-stack security review that’s tailored to each client’s unique needs.

Designed to enable sophisticated defence-in-depth solutions, our assessments and active testing approach help you prepare for today’s sophisticated, persistent cyber threats and stealthy assault exploits. Our services ensure you are not left vulnerable by the immature and fractured security solutions that are so common in many organisations.

Incident Readiness and Response

For us, incident response is not a question of ‘if’, but rather of ‘when’. This means your response must be as robust as your defence. And when a breach does occur, your response must be as rapid and effective as possible to mitigate an attack’s impact. We work extensively across all levels of your organisation to ensure you are ready for an attack.

Technical Testing Services

Our Security Assessment teams offer a range of services to help identify and manage threats and vulnerabilities inside your environment. This includes prioritisation and mitigation planning and implementation.

 

 

Our full breadth of service includes:

 

Threat Hunting and Assessment

 

Compromise Assessment

We offer threat hunting engagements through compromise assessments to help you understand your organisation’s full cyber security posture. This includes Network Compromise Assessments that look for signs that network traffic between the client network and the internet is being intercepted. Host compromise assessment reviews systems supported within a host-based enterprise, while behavioural analysis of network traffic looks for outliers that indicate the presence of malicious activity. We also provide an in-depth technical breakdown that details all malicious artefacts and compromised systems, and suggests remediation actions.

This assessment can include a threat actor activity summary that details who is behind any malicious activity identified within your organisation, in situations where attribution and assessment of the threat can be measured with high confidence.

We proactively and iteratively search your networks and endpoints for the latest known threats based on indicators of compromise (IoCs) and the detection of malicious behaviour. These sweeps move beyond traditional rule- or signature-based security solutions to more advanced indicators or artefacts of compromise.

We deploy both manual and machine-assisted techniques that help identify the tactics, techniques and procedures of advanced adversaries and cyber criminals.

Threat Intelligence & Malware Analysis

Drawing on intelligence from local and international Computer Emergency Response Teams (CERTs), leading research and academic institutions, Internet Storm Centres, and Incident of Threat notification platforms around the world, we analyse and consolidate emerging trends and developments in cybercrime to help us understand threat vectors, attack scenarios and attack geolocations.

We analyse attack types and the cybercriminals behind them, using this intelligence to shape short-term remedial responses and build long-term network resilience for our clients.

Key features:

– Advanced Threat Intelligence – We provide high-value, enriched, contextualised real-time visibility of threats and threat actors specifically for unique targets, assets or identities.

– Malware and Reverse Engineering – We unravel the most advanced persistent and human morphia threats by deconstructing payloads line by line, whether delivered to desktops, servers or mobile devices.

 

Cyber Incident Response

 

We offer two models of support to organisations experiencing an ongoing breach.

Full-Service Emergency Critical Response Team 

Offering end-to-end management and crisis communication, our analysts, malware specialists and forensic experts triage issues and take immediate action.

Consulting Team 

Our experts support your in-house team to augment incident response capabilities, ranging from threat identification to remediation.

Cyber Incident Readiness Planning

Our Readiness Planning service helps you prepare to respond to a cyber-attack by building a tailored response programme that is realistically implementable, based on your people, processes and technologies. We offer table-top exercises and incident scenarios to test your response plans, as well as comprehensive audits of your baseline response capabilities and plans.

 

Technical Testing Services

 

Vulnerability Assessment

Through a sweeping assessment of your organisation’s technological environments, we reveal cyber security gaps and weaknesses in wired and wireless infrastructures, network devices, security devices, operating systems, and applications.

Key features:

  • Technical assessment with results prioritised according to the Common Vulnerability Scoring System (CVSS)
  • Testing methodology based on a combination of the Open Source Security Testing Methodology Manual (OSSTMM) standard and tailored customer requirements

Penetration Testing

The Penetration Testing service evaluates the robustness of your organisation’s current security posture by defining and implementing real-world attack scenarios against the technological target. Specific rules of engagement are established with the organisation to protect business continuity during testing.

We provide risk evaluations for the chained exploitation paths related to detected vulnerabilities.

Categories of our Penetration Testing service include:

  • External: attempted breaches from outside an organisation’s perimeter security
  • Internal: attacks perpetrated by internal threat adversaries
  • Wireless: attacks directed at wireless technologies and networks
  • Web and Mobile Applications: malicious acts leveraging technological or logical weaknesses or flaws in web and mobile software

Project Zero Red Teaming

DarkMatter’s Project Zero Red Teaming service provides the most robust, real-world challenge available to test the strength of an organisation’s end-to-end information security programme. Mimicking the behaviour of malicious actors, our specialised strike teams conduct exercises involving goal-oriented attacks designed to target all components of an organisation’s security programme.

Cyber-attack goals and markers of success are not provided to you ahead of time, thereby simulating real-world advanced threats that seek to breach your security measures and gain unauthorised access to critical assets.

Like a real attacker, our team seeks out weaknesses across your technologies, business processes and security protocols, personnel, and the physical security of your organisation, for example, RFID card cloning and unauthorised physical entry.

Industrial Control Systems (ICS) Security Assessment

Designed for the most critical and sensitive Industrial Control Systems (ICS) environments, our security assessment combines proprietary methodologies and technologies and both machine and manual tools to deliver advanced technical testing of networks, field buses, systems, applications, and additional ICS elements.

Key features:

  • Detailed threat modelling and scoping to cover peripheral attack vectors against ICS
  • Security assessment of ICS components (DCS, PLCs, RTUs, HMIs, Data Diodes, Data Historians)
  • State-of-the-art fuzzing and reverse engineering techniques to identify vulnerabilities
  • Assessment of relevant physical security

 
